package SV_DATA_FILE;



import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.Part;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.StandardCopyOption;

public class Vulnerable_02 {
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
        //get the file chosen by the user
        Part filePart = request.getPart("fileToUpload");

        //get the InputStream to store the file somewhere
        InputStream fileInputStream = filePart.getInputStream();

        //for example, you can copy the uploaded file to the server
        File fileToSave = new File("fileName.exe");
        Files.copy(fileInputStream, fileToSave.toPath(), StandardCopyOption.REPLACE_EXISTING); // Detect defect here because: filename is dangerous and content is from user request
    }
}
